httpd_access log reader?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • kmanrox
    aka K-Man
    • Oct 2001
    • 29295

    #1

    httpd_access log reader?

    can anyone recommend a quick and easy log-parser/reader? i dont wanna install shit onto the server, or crons or anything.. i just wanna load httpd_access and have it parsed up so i can see stats... any suggestions for a quick and easy solution?

    thx
    Crypto HODLr
    Crypto mining
    Angel investor
  • kmanrox
    aka K-Man
    • Oct 2001
    • 29295

    #2
    give

    me

    some

    love
    Crypto HODLr
    Crypto mining
    Angel investor

    Comment

    • BradM
      Confirmed User
      • Dec 2003
      • 3397

      #3
      you want to see it in shell or in an html format via webserver?

      Comment

      • kmanrox
        aka K-Man
        • Oct 2001
        • 29295

        #4
        brad: doesnt really matter, just dont wanna look at the raw logs i can cat from ssh.... wanna see referers and hits to pages and such
        Crypto HODLr
        Crypto mining
        Angel investor

        Comment

        • kmanrox
          aka K-Man
          • Oct 2001
          • 29295

          #5
          i guess from the shell would be easiest to run eh?
          Crypto HODLr
          Crypto mining
          Angel investor

          Comment

          • BradM
            Confirmed User
            • Dec 2003
            • 3397

            #6
            Sure, but if you are getting volume, it's no fun to read each access. I do it with one of my sites because I like to see everything going on, but it's super small and I have nothing but time.

            You'll want to use something prettier. Try: http://http-analyze.org/
            It's a bit bloated but will get the job done

            edit: Oh and you're running apache right?

            Comment

            • kmanrox
              aka K-Man
              • Oct 2001
              • 29295

              #7
              yes apache.. ill take a look at it... we're beta testing something and the wrong affid is being passed i wanna see what it says when entering the server... programmer is off this weekend ;-)

              thx dude
              Crypto HODLr
              Crypto mining
              Angel investor

              Comment

              • flashbang
                Confirmed User
                • May 2006
                • 767

                #8
                you said you cat,
                now add grep

                cat /logs/blah.log|grep dicksanddongs.com
                cat /logs/blah.log|grep "?q=assplugs+dongs+dildos"
                cat /logs/blah.log|grep 256.22.29.291

                count hits from google queries
                cat /logs/blah.log|grep -c "google.com?q="



                Your TGP traffic belongs to you again
                |
                X Rated Words & Hard Links

                Comment

                • flashbang
                  Confirmed User
                  • May 2006
                  • 767

                  #9
                  here's another tip

                  looking for an error in real time, while tail -f logs and you getting tons of hits, grep what you are looking for

                  tail -f /logs/blah.log|grep "tracker?moo=153535"



                  Your TGP traffic belongs to you again
                  |
                  X Rated Words & Hard Links

                  Comment

                  • BradM
                    Confirmed User
                    • Dec 2003
                    • 3397

                    #10
                    Originally posted by flashbang
                    here's another tip

                    looking for an error in real time, while tail -f logs and you getting tons of hits, grep what you are looking for

                    tail -f /logs/blah.log|grep "tracker?moo=153535"
                    Word... that's possibly the easiest solution kman if you're getting a decent amount of queries.

                    Comment

                    • kmanrox
                      aka K-Man
                      • Oct 2001
                      • 29295

                      #11
                      thx fb.. ill try that too ;-) i never knew how to use grep properly but knew OF it
                      Crypto HODLr
                      Crypto mining
                      Angel investor

                      Comment

                      • flashbang
                        Confirmed User
                        • May 2006
                        • 767

                        #12
                        anytime, might have to blackslash some characters if they come into play

                        offhand i think the most common are \$ \" \?

                        grep "moo=\"\?goo&blah=car\""



                        Your TGP traffic belongs to you again
                        |
                        X Rated Words & Hard Links

                        Comment

                        • kmanrox
                          aka K-Man
                          • Oct 2001
                          • 29295

                          #13
                          affiliate is supposed to be sending wid=102 only a small % of his traffic is coming thru proper...

                          the rest is weird wid=3D102 and such..

                          now, he swears his link codes are right on his end, is there any chance our servers are fuxing up this wid suffix?

                          66.66.666.66 - - [03/Jun/2006:15:15:04 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:15:19:39 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:15:22:10 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:15:51:47 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:16:35:03 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:16:45:53 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:16:46:23 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:16:55:12 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:15:38 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:17:25 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:29:01 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:32:47 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:33:21 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:34:20 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:17:58:22 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:19:31:18 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:20:58:34 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:21:38:10 -0700] "GET /?wid=102 HTTP/1.1" 301 350
                          66.66.666.66 - - [03/Jun/2006:21:38:10 -0700] "GET /index.php?wid=102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:22:19:56 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [03/Jun/2006:22:45:10 -0700] "GET /?wid=102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [04/Jun/2006:00:38:09 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [04/Jun/2006:01:03:49 -0700] "GET /?wid=102 HTTP/1.1" 301 350
                          66.66.666.66 - - [04/Jun/2006:01:03:55 -0700] "GET /index.php?wid=102 HTTP/1.1" 200 34289
                          66.66.666.66 - - [04/Jun/2006:01:14:36 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                          Crypto HODLr
                          Crypto mining
                          Angel investor

                          Comment

                          • flashbang
                            Confirmed User
                            • May 2006
                            • 767

                            #14
                            yes 3D is the hex for =
                            you're script might be trying to insert a = but soemthign is chopping off the % part of %3D

                            could be him as well, not sure if you do any mod-rewrite or whatnot on incoming urls



                            Your TGP traffic belongs to you again
                            |
                            X Rated Words & Hard Links

                            Comment

                            • 2HousePlague
                              CURATOR
                              • Jul 2004
                              • 14572

                              #15
                              Originally posted by kmanrox
                              affiliate is supposed to be sending wid=102 only a small % of his traffic is coming thru proper...

                              the rest is weird wid=3D102 and such..

                              now, he swears his link codes are right on his end, is there any chance our servers are fuxing up this wid suffix?

                              66.66.666.66 - - [03/Jun/2006:15:15:04 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:15:19:39 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:15:22:10 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:15:51:47 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:16:35:03 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:16:45:53 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:16:46:23 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:16:55:12 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:15:38 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:17:25 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:29:01 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:32:47 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:33:21 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:34:20 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:17:58:22 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:19:31:18 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:20:58:34 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:21:38:10 -0700] "GET /?wid=102 HTTP/1.1" 301 350
                              66.66.666.66 - - [03/Jun/2006:21:38:10 -0700] "GET /index.php?wid=102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:22:19:56 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [03/Jun/2006:22:45:10 -0700] "GET /?wid=102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [04/Jun/2006:00:38:09 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [04/Jun/2006:01:03:49 -0700] "GET /?wid=102 HTTP/1.1" 301 350
                              66.66.666.66 - - [04/Jun/2006:01:03:55 -0700] "GET /index.php?wid=102 HTTP/1.1" 200 34289
                              66.66.666.66 - - [04/Jun/2006:01:14:36 -0700] "GET /?wid=3D102 HTTP/1.1" 200 34289







                              2hp
                              tada!

                              Comment

                              • flashbang
                                Confirmed User
                                • May 2006
                                • 767

                                #16
                                really tired and must pass out but if you can't contact this late for fix
                                a quick fix would be along the lines of the following via .htaccess

                                note i have limited info here, some tweaking may be needed


                                RewriteEngine On
                                RewriteRule ^/?wid=3D102$ /?wid=102 [QSA,L]



                                Your TGP traffic belongs to you again
                                |
                                X Rated Words & Hard Links

                                Comment

                                • kmanrox
                                  aka K-Man
                                  • Oct 2001
                                  • 29295

                                  #17
                                  interesting you bring up rewrite.. we're using one, but for another domain of the same affiliate's... this shouldnt affect his other domain should it?


                                  RewriteEngine On

                                  RewriteCond %{HTTP_HOST} !^(.+)www\.blah\.com$ [OR]
                                  RewriteCond %{HTTP_HOST} !^(.+)\.blah\.com$
                                  RewriteRule ^/$ /index.php?wid=102 [R=301,L]

                                  ErrorLog /usr/home/www/log/httpd-error_log
                                  CustomLog /usr/home/www/log/httpd-access_log common
                                  </VirtualHost>
                                  Crypto HODLr
                                  Crypto mining
                                  Angel investor

                                  Comment

                                  • gooddomains
                                    Too lazy to set a custom title
                                    • Jul 2003
                                    • 10127

                                    #18
                                    interesting issue

                                    Comment

                                    • s9ann0
                                      Confirmed User
                                      • Sep 2001
                                      • 4873

                                      #19
                                      analog.cx

                                      Comment

                                      • micker
                                        Confirmed User
                                        • Nov 2005
                                        • 748

                                        #20
                                        I've got a good desktop log parser that would work. hit me up on ICQ - 206-403-725

                                        Comment

                                        Working...